Capability discovery and enforcement to provide data in-flight (DIF) services along a communication path selected based on a DIF services policy associated with a virtual machine

ABSTRACT

Embodiments perform capability discovery, policy management, and policy enforcement to provide data in-flight (DIF) services to virtual machines (VMs) without requiring modification to established storage protocols. In exemplary embodiments, a management device receives advertisements of DIF services supported by network nodes. The management device groups the advertised DIF services into a DIF services policy. The management device associates a host and a communication path. The management device enforces the DIF services policy by storing a unique number that causes transmission of data along the communication path.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. application Ser. No.15/406,653, filed Jan. 13, 2017, which is a continuation of U.S. Pat.No. 9,547,517, issued Jan. 17, 2017, which is a continuation of U.S.Pat. No. 8,966,479, issued Feb. 24, 2015, the entirety of each is herebyincorporated by reference herein.

BACKGROUND OF THE INVENTION

Some computer networks support data in-flight (DIF) services, a set ofattributes, transformations, or manipulations that apply to data beingtransferred between nodes of the network. For example, DIF services maybe used to provide data integrity, data isolation, data quality ofservice (QoS), and/or data security (e.g., encryption). In the contextof a storage area network (SAN), data generated by software applicationsis transmitted through a fabric of network nodes to a consolidated datastore. The nodes may include, for example, initiators (e.g., host busadapters, HBAs), network switches, and/or storage controllers in theSAN.

DIF services implementations generally include multiple network nodesworking in tandem to accomplish desired results. For example, to providea QoS guarantee (e.g., a minimum bandwidth and/or a maximum latency), aQoS policy may be enforced by all nodes between a source node and thedatastore. Accordingly, a number of DIF services standards have beendeveloped for use by devices along the path of data transmission.However, at least some of these standards do not support virtualizationtechnology and may be unable to distinguish between softwareapplications, such as virtual machines (VMs), executed by a single host.DIF services may therefore be applied to a host based on the DIFservices desired for any application executed by that host. For example,if encryption is desired for a first application at a host and QoS isdesired for a second application at the host, an operator may apply bothencryption and QoS to the host. As a result, both services are appliedto the first and second applications, even though the operator has nodesire to apply QoS to the first application, or to apply encryption tothe second application. Such over-application of DIF services mayincrease operating overhead in the form of computing resource (e.g.,processor time, memory, and/or network bandwidth) utilization at thehost and/or elsewhere within the network while providing little or nobenefit to the operator.

Conceivably, computing resources may be more efficiently utilized byupdating existing standards to apply DIF services to individualapplications, and modifying the nodes in a network to support theupdated standards. However, modifying multiple network nodes,potentially provided by different vendors, to support updated standardsmay be infeasible or impossible. For example, modifying the networknodes may impose significant configuration and testing effort. Further,some device vendors may be reluctant to invest the effort to supportsuch updated standards.

SUMMARY

One or more embodiments described herein provide software application(e.g., virtual machine) specific data in-flight (DIF) services withoutrequiring modification to established storage protocols. In exemplaryembodiments, each software application in a cluster may be associatedwith a DIF services policy indicating one or more DIF services to applyto the software application. The software application is executed by ahost that satisfies the associated DIF services policy. For example, thesoftware application may be executed at a host that is capable ofcommunicating with a datastore (e.g., a storage array) using acommunication path that supports the services indicated in the DIFservices policy. When the software application transmits data to adestination, the host tags the data based on the DIF services policyassociated with the software application and transmits the tagged datato the destination.

In some embodiments, a host creates a plurality of communication pathsbetween the host and a datastore, with each communication pathsupporting a different DIF service or combination of DIF services. Datafrom each software application executed by the host may be transmittedusing a communication path selected based on the DIF services policy, ifany, associated with the software application. Accordingly, computingresource utilization may be reduced while satisfying user-specified DIFservices policies.

This summary introduces a selection of concepts that are described inmore detail below. This summary is not intended to identify essentialfeatures, nor to limit in any way the scope of the claimed subjectmatter.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an exemplary computing device.

FIG. 2 is a block diagram of virtual machines that are instantiated on acomputing device, such as the computing device shown in FIG. 1.

FIG. 3 is a block diagram of an exemplary cluster system of hosts andvirtual machines.

FIG. 4 is a block diagram illustrating the establishment ofcommunication paths in the cluster system shown in FIG. 3.

FIG. 5 is a block diagram illustrating the configuration of a virtualmachine in the cluster system shown in FIG. 3.

FIG. 6 is a block diagram of components within a host and a storagecontroller that facilitate transmitting data in accordance with avirtual machine specific DIF services policy.

FIG. 7 is a block diagram illustrating a flow of information inaccordance with a DIFS policy.

FIG. 8 is a block diagram illustrating the creation of a virtual machinein association with a DIF services policy.

FIG. 9 is a block diagram illustrating the operation of a first VM and asecond VM associated with different DIF services policies.

DETAILED DESCRIPTION

Embodiments described herein facilitate applying data in-flight (DIF)services to individual software applications, such as virtual machines(VMs), without requiring extensive changes to network nodes. AlthoughVMs are specifically discussed below, the techniques described hereinare applicable to any software applications, including web services,databases, media streaming software, and/or any other software thatexchanges data over a network.

In exemplary embodiments, a DIF service is communicated out-of-band(OOB) with respect to the communication channel(s) to which the DIFservices policy applies. For example, a VM may exchange data with adatastore using a storage-specific protocol or communication channel,such as iSCSI or Fibre Channel. A DIF services policy stipulating thatsuch exchanges be encrypted may be communicated using a general purposepacket network that is considered out-of-band relative to thestorage-specific protocol or communication channel. Propagating DIFservices policies out of band enables VM-specific DIF services withoutrequiring changes to the communication path between a VM and a networknode (e.g., storage controller) with which the VM communicates. Further,exemplary embodiments facilitate enforcing a DIF services policyassociated with a VM regardless of which host executes the VM. Forexample, a DIF services policy may be stored in association with a VM ina central depository (e.g., a datastore), included in a VM configurationfile, and/or included in a virtual disk image associated with the VM.

As used herein, DIF services refers to configurable attributes,transformations, or manipulations that may be applied to datatransmitted between nodes in a network. For example, DIF services mayinclude data integrity, data isolation, data quality of service (QoS),and/or data security.

Data integrity provides protection against corruption of transferreddata. Because corruption can be introduced by any node along acommunication path, data integrity may be applied along the entire path.Data integrity typically calculates and adds checksums for transmitteddata at the source node. Such checksums are validated by nodes along thecommunication path. This service enables a network operator to preventcorrupt data from being written to a datastore. Data integrity is oftenapplied to data associated with enterprise applications, such asdatabases. Examples of standard implementations of data integrityinclude data digest and data integrity field (DIF)/data integrityextensions (DIX).

Data isolation uses input/output (JO) tags to provide isolation of dataalong a communication path that is shared by multiple users. Networknodes are configured to recognize these tags and prevent unauthorizedusers from reading the data. Exemplary implementations include VLAN,which may be applied at Layer 2 of the Open Systems Interconnection(OSI) model, and Internet Protocol (IP) address based access controllists, which may be applied at Layer 3 of the OSI model.

Data QoS allocates network resources along a communication path toensure that a user's or application's performance expectations (e.g.,minimum bandwidth and/or maximum latency) are met. An IO pattern (e.g.,a source node and/or a destination node) may be associated with a QoSpolicy at nodes along a communication path. These nodes enforce the QoSpolicy with respect to data transmissions matching the IO pattern.Exemplary QoS implementations include Data Center Bridging (DCB) andFibre Channel over Ethernet (FCoE).

Data security protects data against unauthorized data access and networkattacks (e.g., “man in the middle” attacks) using authentication and/orencryption services. For example, before data is transferred betweenendpoint nodes, both nodes may authenticate each other usingcryptographic keys. In addition, or alternatively the data may beencrypted at the transmitting node and decrypted at the receiving node.Exemplary data security implementations include Challenge-HandshakeAuthentication Protocol (CHAP) and Internet Protocol Security (IPsec).

In exemplary embodiments, network nodes advertise or publish DIFservices capabilities (e.g., DIF services supported by the nodes) to aserver. A policy manager software application allows a user to select aDIF services policy specifying which DIF services to apply to a VM. Thispolicy is stored as metadata associated with the VM. When the VM isexecuted (“powered on”), data transmitted by the VM is tagged by thehost executing the VM based on the DIF services policy. The host alsoexecutes a path selection component that routes data to a path thatsupports the services specified by the DIF services policy associatedwith the VM. As the data is transmitted along the network nodes alongthe path, each of the nodes in the path that advertised supported DIFservices applies the DIF services policy.

FIG. 1 is a block diagram of an exemplary computing device 100.Computing device 100 includes a processor 102 for executinginstructions. In some embodiments, executable instructions are stored ina memory 104. Memory 104 is any device allowing information, such asexecutable instructions, software applications such as VMs, DIF servicespolicies (e.g., associated with VMs), DIF services supported by networknodes, and/or other data, to be stored and retrieved. For example,memory 104 may include one or more random access memory (RAM) modules,flash memory modules, hard disks, solid state disks, and/or opticaldisks.

Computing device 100 also includes at least one presentation device 106for presenting information to a user 108. Presentation device 106 is anycomponent capable of conveying information to user 108. Presentationdevice 106 may include, without limitation, a display device (e.g., aliquid crystal display (LCD), organic light emitting diode (OLED)display, or “electronic ink” display) and/or an audio output device(e.g., a speaker or headphones). In some embodiments, presentationdevice 106 includes an output adapter, such as a video adapter and/or anaudio adapter. An output adapter is operatively coupled to processor 102and configured to be operatively coupled to an output device, such as adisplay device or an audio output device.

The computing device 100 may include a user input device 110 forreceiving input from user 108. User input device 110 may include, forexample, a keyboard, a pointing device, a mouse, a stylus, a touchsensitive panel (e.g., a touch pad or a touch screen), a gyroscope, anaccelerometer, a position detector, and/or an audio input device. Asingle component, such as a touch screen, may function as both an outputdevice of presentation device 106 and user input device 110.

Computing device 100 also includes a network communication interface112, which enables computing device 100 to communicate with a remotedevice (e.g., another computing device 100) via a communication medium,such as a wired or wireless packet network. For example, computingdevice 100 may transmit and/or receive data via network communicationinterface 112. User input device 110 and/or network communicationinterface 112 may be referred to as an input interface 114 and may beconfigured to receive information from a user.

Computing device 100 further includes a storage interface 116 thatenables computing device 100 to communicate with one or more datastores,which store virtual disk images, software applications, data associatedwith software applications, and/or any other data suitable for use withthe methods described herein. In exemplary embodiments, storageinterface 116 couples computing device 100 to a storage area network(SAN) (e.g., a Fibre Channel network) and/or to a network-attachedstorage (NAS) system (e.g., via a packet network). The storage interface116 may be integrated with network communication interface 112.

In exemplary embodiments, memory 104 stores computer-executableinstructions for performing one or more of the operations describedherein. Memory 104 may include one or more computer-readable storagemedia that have computer-executable components embodied thereon. In theexample of FIG. 1, memory 104 includes a

Embodiments are described herein with reference to virtual machines(VMs). However, it is contemplated that the methods described may beapplied to any type of software application.

FIG. 2 depicts a block diagram of VMs 235 ₁, 235 ₂ . . . 235 _(N) thatare instantiated on a computing device 100, which may be referred to asa host computing device or simply a host. Computing device 100 includesa hardware platform 205, such as an x86 architecture platform. Hardwareplatform 205 may include processor 102, memory 104, networkcommunication interface 112, user input device 110, and otherinput/output (I/O) devices, such as a presentation device 106 (shown inFIG. 1). A virtualization software layer, also referred to hereinafteras a hypervisor 210, is installed on top of hardware platform 205.

The virtualization software layer supports a virtual machine executionspace 230 within which multiple virtual machines (VMs 235 ₁-235 _(N))may be concurrently instantiated and executed. Hypervisor 210 includes adevice driver layer 215, and maps physical resources of hardwareplatform 205 (e.g., processor 102, memory 104, network communicationinterface 112, and/or user input device 110) to “virtual” resources ofeach of VMs 235 ₁-235 _(N) such that each of VMs 235 ₁-235 _(N) has itsown virtual hardware platform (e.g., a corresponding one of virtualhardware platforms 240 ₁-240 _(N)), each virtual hardware platformhaving its own emulated hardware (such as a processor 245, a memory 250,a network communication interface 255, a user input device 260 and otheremulated I/O devices in VM 235 ₁).

In some embodiments, memory 250 in first virtual hardware platform 240 ₁includes a virtual disk that is associated with or “mapped to” one ormore virtual disk images stored in memory 104 (e.g., a hard disk orsolid state disk) of computing device 100. The virtual disk imagerepresents a file system (e.g., a hierarchy of directories and files)used by first virtual machine 235 ₁ in a single file or in a pluralityof files, each of which includes a portion of the file system. Inaddition, or alternatively, virtual disk images may be stored in memory104 of one or more remote computing devices 100, such as a datastore ora data storage container (e.g., in a storage area network, or SAN,configuration).

Device driver layer 215 includes, for example, a communication interfacedriver 220 that interacts with network communication interface 112 toreceive and transmit data from, for example, a local area network (LAN)connected to computing device 100. Communication interface driver 220also includes a virtual bridge 225 that simulates the broadcasting ofdata packets in a physical network received from one communicationinterface (e.g., network communication interface 112) to othercommunication interfaces (e.g., the virtual communication interfaces ofVMs 235 ₁-235 _(N)). Each virtual communication interface for each VM235 ₁-235 _(N), such as network communication interface 255 for first VM235 ₁, may be assigned a unique virtual Media Access Control (MAC)address that enables virtual bridge 225 to simulate the forwarding ofincoming data packets from network communication interface 112. In anembodiment, network communication interface 112 is an Ethernet adapterthat is configured in “promiscuous mode,” such that all Ethernet packetsthat it receives (rather than just Ethernet packets addressed to its ownphysical MAC address) are passed to virtual bridge 225, which, in turn,is able to further forward the Ethernet packets to VMs 235 ₁-235 _(N).This configuration enables an Ethernet packet that has a virtual MACaddress as its destination address to properly reach the VM in computingdevice 100 with a virtual communication interface that corresponds tosuch virtual MAC address.

Virtual hardware platform 240 ₁ may function as an equivalent of astandard x86 hardware architecture such that any x86-compatible desktopoperating system (e.g., Microsoft WINDOWS brand operating system, LINUXbrand operating system, SOLARIS brand operating system, NETWARE, orFREEBSD) may be installed as guest operating system (OS) 265 in order toexecute applications 270 for an instantiated VM, such as first VM 235 ₁.Virtual hardware platforms 240 ₁-240 _(N) may be considered to be partof virtual machine monitors (VMM) 275 ₁-275 _(N) which implement virtualsystem support to coordinate operations between hypervisor 210 andcorresponding VMs 235 ₁-235 _(N). Those with ordinary skill in the artwill recognize that the various terms, layers, and categorizations usedto describe the virtualization components in FIG. 2 may be referred todifferently without departing from their functionality or the spirit orscope of the disclosure. For example, virtual hardware platforms 240₁-240 _(N) may also be considered to be separate from VMMs 275 ₁-275_(N), and VMMs 275 ₁-275 _(N) may be considered to be separate fromhypervisor 210. One example of hypervisor 210 that may be used in anembodiment of the disclosure is included as a component in VMware's ESXbrand software, which is commercially available from VMware, Inc.

FIG. 3 is a block diagram of an exemplary cluster system 300 of hosts305 and virtual machines (VMs) 235. Cluster system 300 includes a faultdomain 310 with a first host 305 ₁, a second host 305 ₂, a third host305 ₃, and a fourth host 305 ₄. Each host 305 executes one or moresoftware applications. For example, first host 305 ₁ executes first VM235 ₁, second VM 235 ₂, and third VM 235 ₃, and fourth host 305 ₄executes fourth VM 235 ₄. In exemplary embodiments, each host 305executes a hypervisor 210, and VMs 235 are executed by the hypervisor210 on the corresponding host 305. Further, VMs 235 hosted by hosts 305may execute other software applications, such as instances of networkservices (e.g., web applications and/or web services), distributedcomputing software, and/or any other type of software that is executableby computing devices 100 (shown in FIG. 1) such as hosts 305.

Hosts 305 communicate with each other via a network 315. Cluster system300 also includes one or more management devices 320, which are coupledin communication with hosts 305 via network 315. In exemplaryembodiments, a management device 320 monitors and controls hosts 305.For example, management device 320 may monitor performance metrics(e.g., application performance metrics and/or host performance metrics)associated with hosts 305 and may further coordinate the execution ofVMs and/or other software applications by hosts 305 based on theperformance metrics. One or more client devices 325 are coupled incommunication with network 315, such that client devices 325 may submitrequests to hosts 305. For example, hosts 305 may execute instances ofsoftware applications that provide data in response to requests fromclient devices 325.

Although management device 320 is shown outside fault domain 310, thefunctions of management device 320 may be incorporated into fault domain310. For example, management device 320 may be included in fault domain310. Alternatively, the functions described with reference to managementdevice 320 may be performed by one or more hosts 305, or VMs 235executed by one or more hosts 305, in fault domain 310. Hosts 305,management device 320, and/or client device 325 may be computing devices100.

Cluster system 300 includes a first storage controller 330 ₁ and asecond storage controller 330 ₂ that provide access to datastores in theform of logical storage containers 335. In exemplary embodiments,storage controllers 330 are instances of computing device 100 (shown inFIG. 1), and storage containers 335 are abstractions of (are “backedby”) storage devices 340 (e.g., hard disk drives and/or solid statedrives) managed by storage controllers 330. For example, first storagecontroller 330 ₁ may provide a first storage container 335 ₁ and asecond storage container 335 ₂ that are backed by portions of an arrayof storage devices 340 (e.g., in a redundant array of inexpensive disks,or RAID, configuration).

Hosts 305 communicate with storage controllers 330 via a storage network345. For example, storage network 345 may include a storage area network(SAN) using a protocol such as Fibre Channel and/or Internet SmallComputer System Interface (iSCSI). As another example, storage network345 may include a network-attached storage (NAS). In exemplaryembodiments, VMs 235 are associated with virtual disk images,configuration files, and/or other data stored in file systems providedby storage containers 335. Further, in some embodiments, storagecontainers 335 provide a VM-specific file system that includes VMvolumes, each of which encapsulates data (e.g., configuration andvirtual disk images) associated with a VM. Although storage network 345is illustrated as separate from network 315, in some embodiments,storage network 345 may be combined with network 315.

FIG. 4 is a block diagram 400 illustrating the establishment ofcommunication paths in cluster system 300 (shown in FIG. 3). Inexemplary embodiments, a hypervisor 210 operates as, and/or executes, aprotocol initiator, and a storage controller 330 operates as, and/orexecutes, a protocol target. Hypervisor 210 initiates a login process tocreate 405 a first, or default, communication path 410 betweenhypervisor 210 and storage controller 330. In some embodiments, defaultcommunication path 410 is used by hypervisor 210 and not by VMs executedby hypervisor 210.

In creating 405 default communication path 410, hypervisor 210 andstorage controller 330 may negotiate session parameters governing thetransmission of data through default communication path 410. Based onthe negotiated session parameters, hypervisor 210 and storage controller330 create 405 one or more other communication paths, such as a secondcommunication path 415, with various attributes corresponding to DIFservices supported by hypervisor 210 and storage controller 330. Forexample, second communication path 415 may include a data integrityservice.

Both hypervisor 210 and storage controller 330 transmit 420 tomanagement device 320 an advertisement of DIF services supported by thecorresponding component using an out-of-band communication path. Forexample, referring also to FIG. 3, first communication path 410 andsecond communication path 415 may be created 405 using storage network345, and advertisements may be transmitted to management device 320using network 315. Management device 320 receives the DIF servicescapability advertisements and associates supported DIF services witheach storage controller 330 and each hypervisor 210 (or correspondinghost 305) based on the advertisements. This information may be used todetermine appropriate DIF services for an IO path, and/or to determinean appropriate host to execute a VM, as described in more detail below.

Although FIG. 4 illustrates a hypervisor 210 and a storage controller330, it should be noted that management device 320 may also receive DIFservices capability advertisements from other components, such asnetwork switches (e.g., OSI Layer 2 switches). For example, managementdevice 320 may receive and store QoS capabilities associated withnetwork switches in storage network 345.

In an exemplary scenario, hypervisor 210 communicates with storagecontroller 330 using the iSCSI protocol. Hypervisor 210 includes aniSCSI protocol stack and a storage controller driver configured todiscover multiple channels of service between hypervisor 210 and storagecontroller 330. For example, hypervisor 210 may apply data integrityServices for all IO transmitted via first communication path 410 and noservices for IO transmitted via second communication path 415. The DIFservices associated with communication paths 410, 415 may be determinedbased on a configuration of hypervisor 210 and/or a configuration (e.g.,DIF services policy) of VMs executed by hypervisor 210. Hypervisor 210may distinguish between communication paths 410, 415 by assigning aunique attribute, such as a channel number, to each communication path410, 415. As shown in FIG. 4, first communication path 410 isillustrated as a first channel (Channel 0), and second communicationpath 415 is illustrated as a second channel (Channel 1).

In exemplary embodiments, a VM or a set of VMs is associated with astorage container 335. The application of DIF services to VMs may beimplemented as a capability of storage containers 335, potentially alongwith other capabilities, such as an expected or guaranteed performancelevel (e.g., IO operations per second). Further, a storage container 335may provide a plurality of capabilities, DIF services or otherwise. Insome embodiments, DIF services are grouped into tiers of service, suchas gold, silver, and bronze, or high, medium, and low. For example, goldservice may include data integrity and a minimum level of IO operationsper second, silver service may include data integrity, and bronzeservice may include no such capabilities.

FIG. 5 is a block diagram 500 illustrating the configuration of a VM incluster system 300 (shown in FIG. 3). In exemplary embodiments,management device 320 receives a request from a user to create a VMassociated with a DIF services policy (e.g., including data integrity).Management device determines that hypervisor 210 on host 305 is capableof providing the service(s) indicated by the policy. For example,management device 320 may determine that storage controller 330 providesa storage container 335 supporting data integrity, and that host 305 iscapable of communicating with storage controller 330 (e.g., via firstcommunication path 410). Management device 320 transmits 505 a VMcreation request to host 305. Hypervisor 210 at host 305 creates 510 avolume (e.g., a VM volume, or VVOL). For example, hypervisor 210 maycreate 510 a VVOL within container 335 including a virtual disk imageand a VM configuration (e.g., metadata) associated with the newlycreated VM. Hypervisor 210 may also add 515 the DIF services policy,and/or software corresponding to the services indicated by the DIFservices policy, to the VM, such as by adding such elements to thevirtual disk image.

In some embodiments, management device 320 creates a virtual disk imageover a storage container 335 using a protocol endpoint (PE) with thespecified DIF services (e.g., data integrity). A PE includes, forexample, a device such as a disk that is addressable by a storagecontroller 330 using a communication protocol (e.g., SCSI or FibreChannel) supported by the storage controller 330. When the VM is poweredon, hypervisor 210 transmits 520 a bind request to the storagecontroller 330 for the newly created VVOL in storage container 335, bothof which support the specified DIF services. In return, hypervisor 210receives the association of the PE identifier, VVOL identifier, andstorage container 335 as part of the binding process 520. The PE is usedby hypervisor 210 to transmit data in accordance with the DIF servicespolicy. In exemplary embodiments, the DIF services policy is stored asmetadata associated with the VM in the VVOL.

As described in more detail below, hypervisor 210 receives 10 operations(e.g., in data packets) from a VM 235 (shown in FIG. 3) executed byhypervisor 210, tags the IO operations, and transmits 530 the tagged IOoperations to storage controller 330. Storage controller 330 determineswhether the received operation satisfies the DIF services policyassociated with the VM 235. When the DIF services policy is satisfied,storage controller 330 performs the received operation and transmits 535an IO response (e.g., data read from storage container 335 orconfirmation that data was successfully written to storage container335). When the DIF services policy is not satisfied, storage controller330 rejects the received operation, such as by transmitting 535 an IOresponse indicating an error.

FIG. 6 is a block diagram 600 of components within a host 305 and astorage controller 330 that facilitate transmitting data in accordancewith a VM-specific DIF services policy. In exemplary embodiments, a VM235 is associated with a DIF services policy specifying one or more DIFservices. Hypervisor 210 ensures that data exchanged between the VM 235and a corresponding storage container 335 is transmitted using acommunication path that is appropriate based on the DIF services policy.

When a VM 235 transmits data (e.g., in a packet), hypervisor 210receives the data and associates with the data one or more tagsindicating the DIF services policy associated with the VM 235. A storagestack 605 includes file system drivers and a path selection plugin(PSP). The PSP selects, based on the tag(s), a communication path 610registered by an underlying protocol driver 615. For example, the PSPmay select a communication path 610 that supports the services indicatedby the tag(s). The tagged data is transmitted to the target storagecontroller 330 using the selected communication path 610. When thetransmitted data reaches the target storage controller 330, storagecontroller 330 performs any appropriate services, as indicated by thetag(s), before storing the data in a logical storage container 335.

In one exemplary scenario, host 305 and storage controller 330communicate using the iSCSI protocol. Each transmission from a VM 235 tostorage controller 330 is tagged with the DIF services that areassociated with the VM 235. In the exemplary scenario, VM 235 isassociated with a DIF services policy specifying data integrity. On awrite transmission, a checksum of the data to write may be calculated tofacilitate validating the data during transmission (“in-flight”) and/orupon arrival at the target. Conversely, on a read transmission, receiveddata may be validated by host 305 by calculating a checksum of the dataand comparing the calculated checksum to a checksum received with thedata.

Indicated DIF services may be propagated using an asynchronous token(“AsyncToken”) scheme. The PSP selects a communication path satisfyingthe DIF services policy, and the data is communicated using the selectedcommunication path by a protocol driver 615. In some embodiments,protocol driver 615 calculates a checksum for the transmission. In otherembodiments, the checksum may be calculated (e.g., by hypervisor 210 orstorage stack 605) before protocol driver 615 receives the data.Protocol driver 615 offloads the IO operation to hardware resources 620(e.g., firmware), transmitting the data and the checksum along theselected communication path 610.

The target storage controller 330 receives the IO at a protocol driver625. Based on the VM 235 being associated with a DIF services policyincluding data integrity, storage controller 330 ensures that thereceived IO satisfies the DIF services policy (e.g., includes achecksum). Storage controller 330 calculates a checksum, and, if thecalculated checksum matches the received checksum, stores the data in alogical storage container 335 using a logical volume manager (LVM) 630.In some embodiments, when data integrity is specified, storagecontroller 330 stores the received data in a format that allows checksumvalues to be stored with data corresponding to the checksum. Forexample, if data may conventionally be stored in a 512-byte sectorlayout, storage controller 330 may store data associated with a VMhaving a DIF services policy including data integrity in a 520-bytesector layout with an 8-byte checksum field.

The above steps describe a write IO operation. A read IO operation isperformed similarly, but in reverse. For example, when data integrity isenabled, the target storage controller 330 may read data requested bythe VM 235 and validate the checksum before transmitting the data tohost 305.

Further, although storage stack 605 (e.g., the PSP) is responsible foraccommodating the DIF services policy in the scenario above, suchaccommodation may also, or instead, be performed by other components ofhost 305, such as protocol driver 615. For example, when QoS isindicated by a DIF services policy, protocol driver 615 may set orenable the QoS bit in an IO transmission, and underlying networkinfrastructure along the selected communication path 610 will apply theQoS policy.

Although the operations above are described with reference to particulardevices, it is contemplated that any portion of such operations may beperformed by any computing device 100 (shown in FIG. 1). Further, theapplication of DIF services policies to VMs is described above, but themethods described may be practiced with respect to any softwareapplication executed by a host.

Exemplary Implementation

FIGS. 7-9 illustrate an exemplary implementation of the methodsdescribed herein. FIG. 7 is a block diagram 700 illustrating a flow ofinformation in accordance with a DIF services policy. As shown indiagram 700, a storage administrator 705 creates 751 PEs, storagecontainers, and storage capabilities (e.g., DIF services capabilitiesand/or performance capabilities) associated with storage containers in astorage array 710.

PEs, storage containers, and storage capabilities may be stored bystorage array 710 in a VM volume (VVOL) provider 715. A managementapplication VC/ESX 720, which may be executed by management device 320and/or a host 305 (both shown in FIG. 3), queries 752 the PEs, storagecontainers, and storage capabilities stored at VVOL provider 715. VC/ESX720 creates 753 DIF services policies that are available for selectionby a storage policy based manager (SPBM) 725, executed by managementdevice 320. For example, the DIF services policies may includeindividual DIF services policies and/or service tiers, each service tierincluding zero or more DIF services. A user may be prompted to select aDIF services policy to associate with a given VM, and storage containersmatching the selected DIF services policy may be displayed to the userfor selection.

At step 754, upon receiving a selection of a policy for a VM from SPBM725, VC/ESX 720 creates a VVOL within VVOL provider 715 and selects astorage profile (e.g., including a DIF services policy) associated withthe VM. VC/ESX 720 associates the storage profile with an identifier ofthe VM and stores 755 this association in a central depository 730,executed by management device 320. Central depository 730 may, in turn,store the association in the VVOL associated with the VM, in a virtualdisk image associated with the VM, and/or in a configuration fileassociated with the VM. VC/ESX binds 756 the created VVOL to a PE atVVOL provider 715.

In the exemplary implementation, VC/ESX 720 is capable of managing theDIF services policy associated with a VM. For example, VC/ESX 720 maymanage DIF services policies in response to user requests received bySPBM 725. To associate a DIF services policy with a new VM, VC/ESX 720executes an addDIFS( ) function against central depository 730,providing a VM identifier and a DIF services policy. To remove the DIFservices policy from a VM, VC/ESX 720 executes a deleteDIFS( ) functionagainst central depository 730, providing a VM identifier. To modify theDIF services policy associated with a VM, VC/ESX 720 executes anupdateDIFS( ) function against central depository 730, providing a VMidentifier and a new DIF services policy. To retrieve the DIF servicespolicy currently associated with a VM, VC/ESX 720 executes a getDIFS( )function against central depository 730, providing a VM identifier.

FIG. 8 is a block diagram 800 illustrating the creation of a VM inassociation with a DIF services policy. As shown in diagram 800, amanagement application VC 805, executed by management device 320 (shownin FIG. 3), transmits 851 a create VM command to a VM management agenthostd 810, executed by a host 305 (shown in FIG. 3). Hostd 810 creates852 a namespace object associated with the VM using a file system agentosfsd 815. “Osfsd” refers to “Object Store File System Daemon.” In theexemplary implementation, osfsd 815 creates 853 a meta VVOL and bindsthe VVOL to the VM using an application programming interface (API) forstorage awareness (VASA) host module 820. Osfsd 815 also creates 854 afile-interface deduplication system (FDS) device, formats the FDSdevice, and mounts a VM file system (VMFS) using an initialize meta VVOLprocess 825. At step 855, hostd 810 creates files 830 associated withthe VM (e.g., a VM configuration file) and stores an association of anidentifier of the VM (a VMID) with a specified DIF services policy in acentral depository (e.g., central depository 730, shown in FIG. 7).

FIG. 9 is a block diagram 900 illustrating the operation of a first VM905 and a second VM 910 associated with different DIF services policies.First VM 905 is associated with a DIF services policy indicating dataintegrity is to be applied. Second VM 910 is associated with a DIFservices policy indicating no DIF services.

First VM 905, second VM 910, and a storage stack 915 (similar to storagestack 605, shown in FIG. 6) are executed by a host 920. Storage stack915 creates a first communication path 925 and a second communicationpath 930 between host 920 and a storage array 935. Data integrity, inthe form of a digest, is enabled for first communication path 925. Nodata integrity is enabled for second communication path 930.

When VMs 905, 910 are powered on, storage stack 915 tags datatransmitted by VMs 905, 910 based on the DIF services policiesassociated with VMs 905, 910. Because data integrity is enabled in theDIF services policy associated with first VM 905, IO from first VM 905is exchanged with storage array 935 using first communication path 925.Because no data integrity is enabled in the DIF services policyassociated with second VM 910, IO from second VM 910 is exchanged withstorage array 935 using second communication path 930. Accordingly, thecomputing overhead of calculating and validating checksums is incurredonly for first VM 905.

The methods described may be performed by computing devices 100 (shownin FIG. 1), such as management device 320 (shown in FIG. 3). Thecomputing devices communicate with each other through an exchange ofmessages and/or stored data. A computing device may transmit a messageas a broadcast message (e.g., to an entire network and/or data bus), amulticast message (e.g., addressed to a plurality of other computingdevices), and/or as a plurality of unicast messages, each of which isaddressed to an individual computing device. Further, in someembodiments, messages are transmitted using a network protocol that doesnot guarantee delivery, such as User Datagram Protocol (UDP).Accordingly, when transmitting a message, a computing device maytransmit multiple copies of the message, enabling the computing deviceto reduce the risk of non-delivery.

Exemplary Operating Environment

The operations described herein may be performed by a computer orcomputing device. A computer or computing device may include one or moreprocessors or processing units, system memory, and some form of computerreadable media. Exemplary computer readable media include flash memorydrives, digital versatile discs (DVDs), compact discs (CDs), floppydisks, and tape cassettes. By way of example and not limitation,computer readable media comprise computer-readable storage media andcommunication media. Computer-readable storage media are tangible andnon-transitory and store information such as computer readableinstructions, data structures, program modules, or other data.Communication media, in contrast, typically embody computer readableinstructions, data structures, program modules, or other data in atransitory modulated data signal such as a carrier wave or othertransport mechanism and include any information delivery media.Combinations of any of the above are also included within the scope ofcomputer readable media.

Although described in connection with an exemplary computing systemenvironment, embodiments of the disclosure are operative with numerousother general purpose or special purpose computing system environmentsor configurations. Examples of well known computing systems,environments, and/or configurations that may be suitable for use withaspects of the disclosure include, but are not limited to, mobilecomputing devices, personal computers, server computers, hand-held orlaptop devices, multiprocessor systems, gaming consoles,microprocessor-based systems, set top boxes, programmable consumerelectronics, mobile telephones, network PCs, minicomputers, mainframecomputers, distributed computing environments that include any of theabove systems or devices, and the like.

Embodiments of the disclosure may be described in the general context ofcomputer-executable instructions, such as program modules, executed byone or more computers or other devices. The computer-executableinstructions may be organized into one or more computer-executablecomponents or modules. Generally, program modules include, but are notlimited to, routines, programs, objects, components, and data structuresthat perform particular tasks or implement particular abstract datatypes. Aspects of the disclosure may be implemented with any number andorganization of such components or modules. For example, aspects of thedisclosure are not limited to the specific computer-executableinstructions or the specific components or modules illustrated in thefigures and described herein. Other embodiments of the disclosure mayinclude different computer-executable instructions or components havingmore or less functionality than illustrated and described herein.

Aspects of the disclosure transform a general-purpose computer into aspecial-purpose computing device when programmed to execute theinstructions described herein.

The operations illustrated and described herein may be implemented assoftware instructions encoded on a computer-readable medium, in hardwareprogrammed or designed to perform the operations, or both. For example,aspects of the disclosure may be implemented as a system on a chip.

The order of execution or performance of the operations in embodimentsof the disclosure illustrated and described herein is not essential,unless otherwise specified. That is, the operations may be performed inany order, unless otherwise specified, and embodiments of the disclosuremay include additional or fewer operations than those disclosed herein.For example, it is contemplated that executing or performing aparticular operation before, contemporaneously with, or after anotheroperation is within the scope of aspects of the disclosure.

When introducing elements of aspects of the disclosure or theembodiments thereof, the articles “a,” “an,” “the,” and “said” areintended to mean that there are one or more of the elements. The terms“comprising,” “including,” and “having” are intended to be inclusive andmean that there may be additional elements other than the listedelements.

Having described aspects of the disclosure in detail, it will beapparent that modifications and variations are possible withoutdeparting from the scope of aspects of the disclosure as defined in theappended claims. As various changes could be made in the aboveconstructions, products, and methods without departing from the scope ofaspects of the disclosure, it is intended that all matter contained inthe above description and shown in the accompanying drawings shall beinterpreted as illustrative and not in a limiting sense.

What is claimed is:
 1. A method, comprising: receiving, by a managementdevice, an advertisement of a plurality of data in-flight (DIF) servicessupported by network nodes, the network nodes comprising a storagecontroller and a network switch; grouping, based on a performance levelprovided by individual ones of the plurality of DIF services, a subsetof the plurality of DIF services into a DIF services policy;associating, by the management device, a communications path for atleast one of a plurality of hosts to communicate to the storagecontroller, the communications path supporting the DIF servicesindicated by the DIF services policy at least by including the networkswitch associated with the advertisement of DIF services that areincluded in the DIF services policy; and selecting, based on the DIFservices policy, a host from the plurality of hosts to execute a virtualmachine (VM) associated with the DIF services policy, the selectingbased at least in part on determining that the host supports the subsetof DIF services indicated by the DIF services policy based at least inpart by being capable of communicating, according to the subset of DIFservices indicated by the DIF services policy, to the storage controlleralong the communications path.
 2. The method of claim 1, furthercomprising: enforcing the DIF services policy by storing, in a datastore, a unique number to cause data exchanged between the host and thestorage controller to be transmitted along the communications path. 3.The method of claim 2, further comprising: wherein the DIF services area data security service comprising Challenge-Handshake AuthenticationProtocol (CHAP) or Internet Protocol Security (IPsec); and causing,using instructions associated with the unique number, a driver tonegotiate parameters to transmit the data exchanged between the host andthe storage controller.
 4. The method of claim 2, further comprisingcausing, using instructions associated with the unique number, a driverto set a Quality of Service (QoS) bit to transmit the data exchangedbetween the host and the storage controller.
 5. The method of claim 1,wherein the management device receives the advertisement of DIF servicesthrough an out-of-band path.
 6. The method of claim 1, furthercomprising: determining, by the management device, that the storagecontroller comprises a storage container supporting the DIF services;creating a virtual disk image over the storage container; andtransmitting, by the management device, a virtual machine (VM) creationrequest to the host.
 7. The method of claim 6, further comprising:binding the virtual disk image to a VM created in response to the VMcreation request; and storing the DIF services policy in the virtualdisk image.
 8. A system comprising: a host; and a processor programmedto: receive an advertisement of a plurality of DIF services supported bynetwork nodes, the network nodes comprising a storage controller and anetwork switch; group, based on a performance level provided byindividual ones of the plurality of DIF services, a subset of theplurality of DIF services into a DIF services policy; associate acommunications path for at least one of a plurality of hosts tocommunicate to the storage controller, the communications pathsupporting the DIF services indicated by the DIF services policy atleast by including the network switch associated with the advertisementof DIF services that are included in the DIF services policy; andselect, based on the DIF services policy, the host from the plurality ofhosts to execute a virtual machine (VM) associated with the DIF servicespolicy, the selecting based at least in part on determining that thehost supports the subset of DIF services indicated by the DIF servicespolicy based at least in part by being capable of communicating,according to the subset of DIF services indicated by the DIF servicespolicy, to the storage controller along the communications path.
 9. Thesystem of claim 8, further comprising: enforce the DIF services policyby storing, in a data store, a unique number to cause data exchangedbetween the host and the storage controller to be transmitted along thecommunications path.
 10. The system of claim 9, further comprising:wherein the DIF services are a data security service comprising aChallenge-Handshake Authentication Protocol (CHAP) or an InternetProtocol Security (IPsec); and cause, using instructions associated withthe unique number, a driver to negotiate parameters to transmit the dataexchanged between the host and the storage controller.
 11. The system ofclaim 9, further comprising: cause, using instructions associated withthe unique number, a driver to set a QoS bit to transmit the dataexchanged between the host and the storage controller.
 12. The system ofclaim 8, wherein the advertisement of DIF services is received throughan out-of-band path.
 13. The system of claim 8, further comprising:determine that the storage controller comprises a storage containersupporting the DIF services; create a virtual disk image over thestorage container; and transmit a VM creation request to the host. 14.The system of claim 13, further comprising: bind the virtual disk imageto a VM created in response to the VM creation request; and store theDIF services policy in the virtual disk image.
 15. One or morenon-transitory computer-readable storage media comprising computerexecutable instructions that, when executed by a processor, cause theprocessor to at least: receive an advertisement of a plurality of DIFservices supported by network nodes, the network nodes comprising astorage controller and a network switch; group, based on a performancelevel provided by individual ones of the plurality of DIF services, asubset of the plurality of DIF services into a DIF services policy;associate a communications path for at least one of a plurality of hoststo communicate to the storage controller, the communications pathsupporting the DIF services indicated by the DIF services policy atleast by including the network switch associated with the advertisementof DIF services that are included in the DIF services policy; andselect, based on the DIF services policy, a host from the plurality ofhosts to execute a virtual machine (VM) associated with the DIF servicespolicy, the selecting based at least in part on determining that thehost supports subset of the DIF services indicated by the DIF servicespolicy based at least in part by being capable of communicating,according to the subset of DIF services indicated by the DIF servicespolicy, to the storage controller along the communications path.
 16. Theone or more non-transitory computer-readable storage media of claim 15,wherein the instructions further cause the processor to at least:enforce the DIF services policy by storing, in a data store, a uniquenumber to cause data exchanged between the host and the storagecontroller to be transmitted along the communications path.
 17. The oneor more non-transitory computer-readable storage media of claim 16,wherein the DIF services are a data security service comprising aChallenge-Handshake Authentication Protocol (CHAP) or an InternetProtocol Security (IPsec); and wherein the instructions further causethe processor to at least: cause a driver to negotiate parameters totransmit the data exchanged between the host and the storage controller.18. The one or more non-transitory computer-readable storage media ofclaim 15, wherein the instructions further cause the processor to atleast: cause a driver to set a QoS bit to transmit data exchangedbetween the host and the storage controller.
 19. The one or morenon-transitory computer-readable storage media of claim 15, wherein theinstructions further cause the processor to at least: determine that thestorage controller comprises a storage container supporting the DIFservices; create a virtual disk image over the storage container; andtransmit a VM creation request to the host.
 20. The one or morenon-transitory computer-readable storage media of claim 19, wherein theinstructions further cause the processor to at least: bind the virtualdisk image to a VM created in response to the VM creation request; andstore the DIF services policy in the virtual disk image.